CVE-2026-40886
Published: 23 April 2026
Summary
CVE-2026-40886 is a high-severity Improper Validation of Array Index (CWE-129) vulnerability in Argoproj Argo Workflows. Its CVSS base score is 7.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 14.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-11 (Error Handling).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the vulnerability by requiring timely patching to fixed Argo Workflows versions 4.0.5 or 3.7.14, eliminating the unchecked array index flaw.
Requires validation of user-controlled inputs like the workflows.argoproj.io/pod-gc-strategy annotation to prevent malformed data from triggering the array index error.
Mandates graceful handling of errors such as invalid array indices in the podGCFromPod() function to avoid controller-wide panics outside recover scopes.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability enables an attacker to submit a malformed annotation on a workflow pod, triggering an unchecked array index panic that crashes the Argo Workflows controller in a persistent loop, directly facilitating Endpoint Denial of Service via Application or System Exploitation.
NVD Description
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod() function causes a controller-wide panic when a workflow pod carries a malformed…
more
workflows.argoproj.io/pod-gc-strategy annotation. Because the panic occurs inside an informer goroutine (outside the controller's recover() scope), it crashes the entire controller process. The poisoned pod persists across restarts, causing a crash loop that halts all workflow processing until the pod is manually deleted. This vulnerability is fixed in 4.0.5 and 3.7.14.
Deeper analysisAI
CVE-2026-40886 affects Argo Workflows, an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. The vulnerability exists in versions 3.6.5 through 4.0.4 due to an unchecked array index in the pod informer's podGCFromPod() function. When a workflow pod includes a malformed workflows.argoproj.io/pod-gc-strategy annotation, it triggers a controller-wide panic. This panic occurs inside an informer goroutine outside the controller's recover() scope, crashing the entire controller process.
An attacker with low privileges (PR:L) can exploit this vulnerability over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N). By creating or modifying a workflow pod with the malformed annotation, the attacker causes the controller to crash repeatedly. The "poisoned" pod persists across restarts, leading to a crash loop that halts all workflow processing across the cluster until the pod is manually deleted. The impact is high availability disruption (A:H) with a changed scope (S:C), as scored at CVSS 7.7 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H), and is associated with CWE-129 (Improper Validation of Array Index).
The GitHub security advisory (GHSA-5jv8-h7qh-rf5p) confirms the issue and states that it is fixed in Argo Workflows versions 4.0.5 and 3.7.14. Security practitioners should upgrade to these patched releases to mitigate the vulnerability and manually delete any affected pods to restore controller functionality.
Details
- CWE(s)